"""
Backend for OpenID Connect ELIXIR AAI
https://www.elixir-europe.org/services/compute/aai
"""

from social_core.backends.open_id_connect import OpenIdConnectAuth


class ElixirOpenIdConnect(OpenIdConnectAuth):
    name = 'elixir'
    OIDC_ENDPOINT = 'https://login.elixir-czech.org/oidc'
    EXTRA_DATA = [
        ('expires_in', 'expires_in', True),
        ('refresh_token', 'refresh_token', True),
        ('id_token', 'id_token', True),
        ('other_tokens', 'other_tokens', True),
    ]
    # In order to get any scopes, you have to register your service with
    # ELIXIR, see documentation at
    # https://www.elixir-europe.org/services/compute/aai
    DEFAULT_SCOPE = ['openid', 'email']
    JWT_DECODE_OPTIONS = {'verify_at_hash': False}

    def get_user_details(self, response):
        username_key = self.setting('USERNAME_KEY', default=self.USERNAME_KEY)
        name = response.get('name') or ''
        fullname, first_name, last_name = self.get_user_names(name)
        return {'username': response.get(username_key),
                'email': response.get('email'),
                'fullname': fullname,
                'first_name': first_name,
                'last_name': last_name}
